This is all just academic research (at the moment) but here is a story about exploiting the range of voice assistants, Siri, Google Assistant, Alexa and Cortana, using voice commands, issued from one device, that are inaudible to the human owners, but can activate another device. To do what? Here …
CISA Security Advisories – and why checking this post and software patching is important
CISA is the US government’s Cybersecurity and Infrastructure Security Agency and a very good source cyber security and software patching information. Last week they posted several software patching updates and known vulnerabilities that are being exploited and mitigations for them. Samba Releases Security Updates for Multiple Versions of Samba | …
Watch where you download your Tor browser from…
…or any other software. Governments around the world, including for instance Russia, ban Tor web sites from the internet in their countries as it is a very effective way for users to conceal their IP address from authorities. However this had led to a rise in other sites offering Tor …
Continue reading “Watch where you download your Tor browser from…”
Apple – patch everything
This includes some older iPhones and iPads – with iOS 15 and 16 and iPadOS 15 and 16 getting updates – and the Studio Display: Apple Updates Everything – SANS Get them done. Not sure you need to do this? Here is an example of a data stealer specifically aimed …
Why Zero-day attacks are a real issue
The gap between the vendor discovering a vulnerability and the patch getting to you will always be an issue – this is the zero-day threat. It escalates if the threat actors became aware of the vulnerability and exploits it before the vendor becomes aware. Now research by Mandiant shows that, …
